turkongwalayr

Reputation: 33

phpCAS single sign out or check authentication

I am using phpCAS (v 1.3.2) on my app. I wanted to do a periodic check against the CAS server to determine if the user has been logged out by other participating SSO apps. However, whenever I do a phpCAS::checkAuthentication() or phpCAS::forceAuthentication(), it would always return authenticated even if some other apps already logged out or even if I do a direct logout with the CAS server's logout URL/link. I see that it is because the local session is still present, so it does not bother to do a check against the server. Is it the responsibility of the other apps to destroy this session?

The other way is working perfectly - that is, I do a logout on my app (which is using phpCAS) then I also get logged off with the other participating SSO apps and even at the server's portal. By the way, I have tried all examples the CAS library provided. None worked.

What am I missing?

Upvotes: 1

Views: 3272

Answers (1)

jake stayman

Reputation: 1828

Instead of actively checking the CAS server, you should listen for notifications from the CAS server that a user has logged out. To do this, you need to implement single sign out. There is an example of how to do this in phpCAS: simply add phpCAS::handleLogoutRequests(false); to your login script, before the call to phpCAS::forceAuthentication().

Upvotes: 2
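
An added example (not part of the answer above, and not phpCAS's own sample code) of a login script that wires up single sign out as the answer describes, with the answer's `handleLogoutRequests(false)` variant shown beside a variant restricted to the CAS server. It assumes the phpCAS 1.3.x API; the hostname, context path and CA bundle path are placeholders.

```php
<?php
// Added example for phpCAS 1.3.x. Hostname and paths are placeholders.
require_once 'CAS.php';

$casHost    = 'cas.example.org';  // placeholder CAS server hostname
$casPort    = 443;
$casContext = '/cas';             // placeholder CAS context path

// Let phpCAS manage the session: $changeSessionID defaults to true, and
// single sign out depends on it. phpCAS ties the local session ID to the
// service ticket, and the CAS server's logout request carries that ticket,
// which is how the matching local session is found and destroyed.
phpCAS::client(CAS_VERSION_2_0, $casHost, $casPort, $casContext);

// Validate the CAS server's TLS certificate (placeholder CA bundle path).
phpCAS::setCasServerCACert('/etc/ssl/certs/cas-ca.pem');

// Variant from the answer: the first argument ($check_client) is false,
// so the sender of a logout request is not checked.
// phpCAS::handleLogoutRequests(false);

// Restricted variant: check the sender and accept logout requests only
// from the listed CAS server host(s).
phpCAS::handleLogoutRequests(true, array($casHost));

// As the answer says, this comes after handleLogoutRequests().
phpCAS::forceAuthentication();

// Reached only with a valid local session.
echo 'Logged in as ' . htmlspecialchars(phpCAS::getUser(), ENT_QUOTES, 'UTF-8');
```

The CAS server delivers the logout notification as a back-channel POST to the application's service URL, so the server must be able to reach the application directly over the network. If the application sits behind a reverse proxy, the sender check sees the proxy's address, which is the usual reason the check gets disabled.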
